[Samba] Field Definition for objectSid (LDAP)

Burris, Celeste Suliin CSBURRIS at ci.tacoma.wa.us
Wed Sep 15 03:19:37 GMT 2004

Since perl has an "unpack" statement nearly identical to C, that should
work. If I get it working and there is any interest, I'll post it.

This week, I'm in class learning Python - what's another programming

-----Original Message-----
From: Andrew Bartlett
To: Celeste Suliin Burris
Cc: samba at lists.samba.org
Sent: 9/14/2004 4:18 PM
Subject: Re: [Samba] Field Definition for objectSid (LDAP)

On Tue, 2004-09-14 at 10:13, Celeste Suliin Burris wrote:
> I'm trying to write a perl program to get user information my boss 
> wants using Net::LDAP in perl. I'm doing fairly well, but when I try
> get the objectSid from the user list, it comes in packed or encrypted 
> in some fashion. 

packed.  The SID is binary encoded into the 'standard' format for SIDs
in CIFS, then binary encoded as per the ldap rules.

> Since dumping the users using the command "net ads 
> search '(&(objectClass=person)(objectCategory=person))'" gets me an 
> unscrambled objectSid, I figure someone out there knows how to put it 
> into human-readable form.

Yes, we have C code that handles that.  Doing it in perl will be another

lib/util_sid.c:sid_parse() in the Samba3 sources might help.

Andrew Bartlett

Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net

More information about the samba mailing list